When a PCI device is assigned to an untrusted domain, it is possible for that domain to program the device to DMA to an arbitrary address. The IOMMU is used to protect the host from malicious DMA by making sure that the device addresses can only target memory assigned to the guest. However, when the guest domain is torn down the device is assigned back to dom0, thus allowing any in-flight DMA to potentially target critical host data.
Source: Xen Security Team
Created xen tracking bugs for this issue:
Affects: fedora-all [bug 1767731]